ResearchCat

Cybereason Research Finds Organizations Unprepared for Ransomware Attacks on Weekends and Holidays
Cybereason Security Team | | Anti-Ransomware, antivirus, AV, Cybereason Anti-Ransomware Solution, EDR, endpoint detection and response, Malware, Multi-Stage Ransomware, Next Generation Antivirus, ngav, RansomOps, Ransomware, ransomware as a service, Ransomware Attackers Don’t Take Holidays, Ransomware-as-s-Service, Ransomware: The True Cost to Business, research, ResearchCat, Threat Analysis Report
In June of 2021, Cybereason published a global research report, titled Ransomware: The True Cost to Business, which revealed that the vast majority of organizations that have suffered a ransomware attack experienced ...

THREAT ANALYSIS REPORT: Snake Infostealer Malware
Cybereason Global SOC Team | | Agent Tesla Malware, credential theft, Cybereason Defense Platform, Cybersecurity, endpoint detection and response, Endpoint Protection Platform, FormBook Malware, Infosec, keylogger, managed detection and response, managed security services provider, Matiex Malware, mdr, Network Security, research, ResearchCat, security, Snake Malware, Unified Endpoint Security
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them ...

Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms
Cybereason Nocturnus | | Advanced persistent threat, Aerospace, Agrius APT, APT, Critical Infrastructure, cyberattack, Espionage, Europe, Iran, MalKamak, Malop, Malware, Nation-state Attack, national security, Nocturnus, Operation GhostShell, remote-access Trojan, research, ResearchCat, Russia, ShellClient RAT, telecommunications, telecoms, threat actors, Threat Intelligence, Turla, United States
In July 2021, the Cybereason Nocturnus and Incident Response Teams responded to Operation GhostShell, a highly targeted cyber espionage campaign targeting the Aerospace and Telecommunications industries mainly in the Middle East, with additional ...

THREAT ALERT: Microsoft MSHTML Remote Code Execution Vulnerability
Cybereason Global SOC Team | | CVE-2021-40444, cyberattack, Exploits, Internet Explorer, managed detection and response, managed security services provider, mdr, Microsoft, Microsoft Hypertext Markup Language, MSHTML, remediation, research, ResearchCat, Threat Alerts, Vulnerabilities, vulnerability
The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them ...

Cybereason vs. LockBit2.0 Ransomware
Cybereason Nocturnus | | Accenture, Anti-Ransomware, cyberattack, Cybereason Defense Platform, Cybereason XDR Platform, Double Extortion, EDR, endpoint detection and response, Endpoint Protection Platform, enterprise security, EPP, Lockbit, LockBit2.0, LockBit2.0 Ransomware, Malware, Multi-Stage Ransomware, Network Security, Nocturnus, RansomOps, research, ResearchCat, Triple Extortion, Unified Endpoint Security, XDR
The Cybereason Nocturnus team has been tracking the LockBit ransomware since it first emerged in September 2019 as a ransomware-as-a-service (RaaS). Following the rise of the new LockBit2.0 and the latest events, ...

DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos
Cybereason Nocturnus | | APT, china, Nation-state Attack, national security, research, ResearchCat, telecommunications
Following the discovery of Hafnium attacks targeting Microsoft Exchange vulnerabilities, the Cybereason Nocturnus and Incident Response teams proactively hunted for various threat actors trying to leverage similar techniques in the wild. In the beginning ...

Cybereason vs. Prometheus Ransomware
Cybereason Nocturnus | | Advanced persistent threat, Anti-Ransomware, APT, Cybersecurity, Double Extortion, EDR, endpoint detection and response, Endpoint Protection Platform, enterprise security, EPP, Extended Detection and Response, Infosec, Malware, Network Security, Next Generation Antivirus, ngav, Prometheus Ransomware, Ransomware, research, ResearchCat, rEvil, security, Unified Endpoint Security
Prometheus is a relatively new variant of the Thanos ransomware that is operated independently by the Prometheus group, and was first observed in February of 2021. In just a short period of ...

Cybereason vs. REvil Ransomware: The Kaseya Chronicles
Tom Fakterman | | Anti-Ransomware, antivirus, Cybereason Anti-Ransomware Solution, Cybereason Defense Platform, endpoint detection and response, Endpoint Protection Platform, Extended Detection and Response, Kaseya Attacks, managed security services provider, Next Generation Antivirus, ngav, Nocturnus, Ransomware, research, ResearchCat, rEvil, risk management, Sodinokibi, Supply Chain Attacks, Unified Endpoint Security, video, VideosCat
As a spate of ransomware attacks continues to dominate the headlines in recent months, the infamous REvil ransomware gang has upped the ante significantly with a wide-ranging operation that is suspected ...

Report: Ransomware Attacks and the True Cost to Business
Sam Curry | | Analyst Report, Anti-Ransomware, CISO, Colonial Pipeline, cryptocurrency, cyber insurance, cybercrime, Cybereason, Cybereason Defense Platform, Cybersecurity, Darkside, Double Extortion, EDR, endpoint detection and response, Endpoint Protection Platform, enterprise security, EPP, Incident Response, JBS, legislation, Multi-Stage Ransomware, national security, Next Generation Antivirus, Operation-Centric Security, RansomOps, Ransomware, research, ResearchCat, ResourcesCat, rEvil, risk management, Russia, secops, security, Security Controls, security policy, Sodinokibi, Threat Intelligence, Unified Endpoint Security
Ransomware attacks have continued to make headlines, and for good reason: on average, there is a new ransomware attack every 11 seconds, and the losses to organizations from ransomware attacks are projected ...

PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector
Cybereason Nocturnus | | Advanced persistent threat, APT, china, Cybereason, Cybereason Defense Platform, Cybersecurity, Infosec, Malware, Nation-state Attack, PortDoor Backdoor, research, ResearchCat, RoyalRoad, Russia, security, spear-phishing
The Cybereason Nocturnus Team has been tracking recent developments in the RoyalRoad weaponizer, also known as the 8.t Dropper/RTF exploit builder. Over the years, this tool has become a part of the ...